0001-do-not-allow-unauthenticated-access-to-unlink-page-2.patch
| src/authentic2_auth_fc/views.py | ||
|---|---|---|
| 488 | 488 |
return kwargs |
| 489 | 489 | |
| 490 | 490 |
def dispatch(self, request, *args, **kwargs): |
| 491 |
if not request.user.is_authenticated(): |
|
| 492 |
raise PermissionDenied() |
|
| 491 | 493 |
# We prevent unlinking if the user has no usable password and can't change it |
| 492 | 494 |
# because we assume that the password is the unique other mean of authentication |
| 493 | 495 |
# and unlinking would make the account unreachable. |
| 494 |
- |
|